
It has been reported that Bharat Sanchar Nigam Limited (BSNL) has faced a serious data breach. This is the second such breach in the last few months.

The breach is said to include sensitive user and operational data. As part of the attack on BSNL servers, the unknown entity is said to possess "SIM card details, home location register data, and server-related critical security keys".

As per reports, such stolen data and information can be misused to carry out criminal activities like SIM card cloning, identity theft, and even extortion, with serious repercussions.


What has been claimed in reports:

The digital risk management firm Athenian Tech had reported through news media that the threat actor behind the cyberattack goes by the name "kiberphant0m".

As per the report, around 278 GB of data has been compromised from BSNL's telecom operations. The breached data goes beyond user-related data and includes server snapshots of BSNL's SOLARIS servers that can be used to carry out further attacks and create severe cybersecurity risks.

The threat actor claims to possess critical information such as International Mobile Subscriber Identity (IMSI) numbers, SIM card details, PIN codes, and authentication keys, among others. The data is reportedly being sold online, priced at $5000 for purchase via the dark web.

Kanishk Gaur, CEO of Athenian Tech, highlighted to the media the "complex" and "critical" nature of the breached data, which goes beyond typical user information and targets the core of BSNL's operational systems. This could lead to more "sophisticated cyber-attacks, targeting not only BSNL but other interconnected systems and networks" with serious repercussions for national security.

The previous attack on BSNL servers occurred in December 2023. A threat actor under the alias "Perell" had disclosed a "sample dataset" on a dark web forum, including sensitive details of fibre and landline users of BSNL. The dataset contained about 32,000 lines of data, and the threat actor claimed that the total number of lines across all databases amounts to over 2.9 million.

A formal response to the reports and other details are awaited from BSNL.